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AMENDMENTS TO THE CLAIMS 
Please amend Claims 1,13, and 25, as follows: 

1 . (Currently Amended) A method of securely invoking an access control function, 
the method comprising the steps of: 

receiving a digital signature for the access control function; 
generating a mapping of the access control function to the digital signature; 
determining that the digital signature is mapped to the access control function 
based on the mapping when execution of the access control function is 
requested; 

generating a plurality of records mapping access control events to access control 
functions along with an indication whether access control function 
invocation is active for each mapped access control event wherein said 
plurality of records are stored in a configuration file ; 

detecting that an access control event related to controlling access to information 
resources on a computer system has occurred; 

determining that the access control event is mapped to the access control function; 

retrieving an executable element if the access control event is mapped to the 

access control function and if access control function invocation is active 
for the access control event ; 

generating a digital signature for the retrieved executable element; 

determining whether the retrieved executable element matches the access control 
function by comparing the digital signature of the retrieved executable 
element and the digital signature for the access control function; and 
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executing the retrieved executable element only when the retrieved executable 

element matches the access control function. 
(Previously Presented) The method of Claim 1, 

wherein a particular class defines an implementation of the access control 
function; 

wherein the step of receiving a digital signature includes the step of receiving a 

digital signature for the particular class; and 
wherein the step of generating a mapping includes generating a mapping between 

the particular class and the digital signature. 
(Canceled) 
(Canceled) 

(Previously Presented) The method of Claim 1, wherein the step of returning data 
further includes the executable element returning name-value pairs. 
(Previously Presented) The method of Claim 1, wherein the step of returning data 
includes the executable element returning a hash table that contains the name- 
value pairs. 

(Original) The method of Claim 1, wherein the method further includes the steps 
of: 

generating a mapping of a plurality of access control functions to digital 

signatures, wherein the plurality of access control functions include the 
access control function, wherein one or more classes define an 
implementation for each of the plurality of access control functions; and 

wherein each of the one or more classes belong to a superclass. 
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8. (Original) The method of Claim 7, further including the step of invoking a 
routine defined by a superclass that collects data to return to a caller of the 
particular class. 

9. (Original) The method of Claim 8, wherein the step of executing the executable 
element includes invoking a routine defined for the superclass. 

10. (Original) The method of Claim 1, wherein the step of retrieving an executable 
element includes retrieving byte code. 

1 1 . (Original) The method of Claim 10, wherein the step of retrieving byte code 
includes retrieving Java byte code. 

12. (Original) The method of Claim 1, wherein the step of retrieving an executable 
element includes a first computer system retrieving byte code transmitted via a 
local area network from a second computer system. 

1 3 . (Currently Amended) A computer-readable medium carrying one or more 
sequences of one or more instructions for securely invoking an access control 
function, the one or more sequences of one or more instructions including 
instructions which, when executed by one or more processors, cause the one or 
more processors to perform the steps of: 

receiving a digital signature for the access control function; 

generating a mapping of the access control function to the digital signature; 

determining that the digital signature is mapped to the access control function 

based on the mapping when execution of the access control function is 

requested; 

generating a plurality of records mapping access control events to access control 
functions along with an indication whether access control function 
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invocation is active for each mapped access control event wherein said 

plurality of records are stored in a configuration file ; 
detecting that an access control event related to controlling access to information 

resources on a computer system has occurred; 
determining that the access control event is mapped to the access control function; 
retrieving an executable element if the access control event is mapped to the 

access control function and if access control function invocation is active 

for the access control event ; 
generating a digital signature for the retrieved executable element; 
determining whether the retrieved executable element matches the access control 

function by comparing the digital signature of the retrieved executable 

element and the digital signature for the access control function; and 
executing the retrieved executable element only when the retrieved executable 

element matches the access control function. 

14. (Previously Presented) The computer-readable medium of Claim 13, 
wherein a particular class defines an implementation of the access control 

function; 

wherein the step of receiving a digital signature includes the step of receiving a 

digital signature for the particular class; and 
wherein the step of generating a mapping includes generating a mapping between 

the particular class and the digital signature. 

15. (Canceled) 

16. (Canceled) 
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17. (Previously Presented) The computer-readable medium of Claim 13, wherein the 
step of returning data further includes sequences of instructions for performing 
the step of the executable element returning name-value pairs. 

18. (Previously Presented) The computer-readable medium of Claim 13, wherein the 
step of returning data includes the executable element returning a hash table that 
contains the name-value pairs. 

19. (Original) The computer-readable medium of Claim 13, wherein the computer- 
readable medium further includes sequences of instructions for performing the 
steps of: 

generating a mapping of a plurality of access control functions to digital 

signatures, wherein the plurality of access control functions include the 
access control function, wherein one or more classes define an 
implementation for each of the plurality of access control functions; and 

wherein each of the one or more classes belong to a superclass. 

20. (Original) The computer-readable medium of Claim 19, further including 
sequences of instructions for performing the step of invoking a routine defined by 
a superclass that collects data to return to a caller of the particular class. 

21 . (Original) The computer-readable medium of Claim 20, wherein the step of 
executing the executable element includes invoking a routine defined for the 
superclass. 

22. (Original) The computer-readable medium of Claim 13, wherein the step of 
retrieving an executable element includes retrieving byte code. 

23. (Original) The computer-readable medium of Claim 22, wherein the step of 
retrieving byte code includes retrieving Java byte code. 
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24. (Original) The computer-readable medium of Claim 13, wherein the step of 
retrieving an executable element includes a first computer system retrieving byte 
code transmitted via a local area network from a second computer system. 

25. (Currently Amended) An access control system, comprising: 
a processor; 

a memory coupled to the processor; 

a first mapping that maps each of a set of access control functions to a digital 

signature of that access control function; 
the processor configured to retrieve an executable element in response to a request 

to execute a first access control function; 
the processor configured to generate a plurality of records mapping access control 

events to access control functions along with an indication whether access 

control function invocation is active for each mapped access control event 

wherein said plurality of records are stored in a configuration file ; 
the processor configured to detect that an access control event related to 

controlling access to information resources on a computer system has 

occurred; 

the processor configured to determine that the access control event is mapped to 

the access control function; 
the processor configured to retrieve an executable element if the access control 

event is mapped to the access control function and if access control 

function invocation is active for the access control event ; 
the processor configured to generate a digital signature for the retrieved 

executable element; 
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the processor configured to determine whether the retrieved executable element 
matches the first access control function by comparing the digital 
signature of the retrieved executable element and the digital signature for 
the first access control function; and 

the processor configured to execute the retrieved executable element when the 
retrieved executable element matches the first access control function. 

26. (Original) The access control system of Claim 25, 

wherein the first mapping maps a class implementing one of the set of access 
control functions to a digital signature. 

27. (Canceled) 

28. (Canceled) 

29. (Previously Presented) The access control system of Claim 25, wherein the 
executable element returns name-value pairs as data. 

30. (Previously Presented) The access control system of Claim 25, wherein the 
executable element returns a hash table as data that contains the name-value pairs. 

3 1 . (Original) The access control system of Claim 25, 

wherein the processor is configured to generate a mapping of a plurality of access 

control functions to digital signatures; 
wherein the plurality of access control functions include the access control 

function, wherein one or more classes define an implementation for each 

of the plurality of access control functions; and 
wherein each of the one or more classes belong to a superclass. 
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32. (Original) The access control system of Claim 31, further comprising said 
processor configured to invoke a routine defined by a superclass that collects data 
to return to a caller of the particular class. 

33. (Original) The access control system of Claim 32, wherein said processor is 
configured to execute the executable element by invoking a routine defined for 
the superclass. 

34. (Original) The access control system of Claim 33, wherein said executable 
element is byte code. 

35. (Original) The access control system of Claim 34, wherein said byte code 
includes Java byte code. 

36. (Original) The access control system of Claim 35, wherein said processor is 
configure to retrieve an executable element by retrieving byte code transmitted 
via a local area network. 
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